Brex has released an open-source tool called CrabTrap that intercepts network traffic from AI agents and blocks them before they can abuse API keys. The HTTP proxy, now available on GitHub, combines deterministic rules with large language model judgment to secure enterprise fintech environments.
What CrabTrap does
CrabTrap sits between an AI agent and the services it calls. It monitors every request the agent makes, checking for suspicious patterns or attempts to use credentials in ways they weren't intended. The tool applies a two-layer filter: first, hard-coded rules catch obvious violations; then an LLM evaluates ambiguous cases that might slip past simple logic.
Brex designed the proxy specifically for fintech, where API keys control access to sensitive financial data and payment systems. A compromised or overeager AI agent could trigger unauthorized transactions, leak customer information, or rack up costs by calling expensive endpoints. CrabTrap aims to stop that before it happens.
Why open source
By making CrabTrap public, Brex lets other companies inspect, modify, and deploy the same security layer without building from scratch. The codebase includes documentation and configuration examples tailored to common AI agent frameworks. Developers can adapt the rules to their own risk profiles or swap in different LLMs for the judgment step.
The move reflects a broader push in the industry to give enterprises more control over AI agents that increasingly operate autonomously. Rather than relying solely on API rate limits or post-hoc audits, CrabTrap enforces policy at the network level, in real time.
How it fits into enterprise security
AI agents often run with elevated permissions, making them attractive targets. A single leaked API key can let an attacker impersonate the agent and drain accounts or exfiltrate data. CrabTrap doesn't replace existing secrets management or authentication — it adds a behavioral layer that watches what the agent actually does with its keys.
The tool logs all intercepted traffic, giving security teams a record of every API call an agent makes. That visibility helps with compliance and incident response. Brex has not disclosed whether it uses CrabTrap internally or how many customers have tested it.
The project is available now under an open-source license. Companies can pull the code, configure it for their infrastructure, and start monitoring AI agent traffic immediately.




